Phase 6: AIOS security plugin with conservative login lockdown config (10 attempts)
This commit is contained in:
Hanson.xyz Dev
+148
@@ -0,0 +1,148 @@
|
||||
<?php if (!defined('ABSPATH')) die('No direct access.'); ?>
|
||||
<?php
|
||||
// Display an alert warning message if a file change was detected
|
||||
if ($aiowps_fcds_change_detected) {
|
||||
echo '<div id="aiowps_fcds_change_detected" class="error"><p><strong>' . esc_html__('The scan has detected that there was a change in your website\'s files.', 'all-in-one-wp-security-and-firewall') .' <a href="#" data-reset_change_detected="1" class="aiowps_view_last_fcd_results" >'.esc_html__('View the scan results and clear this message', 'all-in-one-wp-security-and-firewall').'</a></strong></p></div>';
|
||||
}
|
||||
?>
|
||||
<div class="aio_blue_box">
|
||||
<?php
|
||||
echo '<p>' . esc_html__('If given an opportunity hackers can insert their code or files into your system which they can then use to carry out malicious acts on your site.', 'all-in-one-wp-security-and-firewall') .'<br>' . esc_html__('Being informed of any changes in your files can be a good way to quickly prevent a hacker from causing damage to your website.', 'all-in-one-wp-security-and-firewall') .'<br>' . esc_html__('In general, WordPress core and plugin files and file types such as ".php" or ".js" should not change often and when they do, it is important that you are made aware when a change occurs and which file was affected.', 'all-in-one-wp-security-and-firewall') .'<br>' . esc_html__('The "File Change Detection Feature" will notify you of any file change which occurs on your system, including the addition and deletion of files by performing a regular automated or manual scan of your system\'s files.', 'all-in-one-wp-security-and-firewall') .'<br>' . esc_html__('This feature also allows you to exclude certain files or folders from the scan in cases where you know that they change often as part of their normal operation. (For example log files and certain caching plugin files may change often and hence you may choose to exclude such files from the file change detection scan)', 'all-in-one-wp-security-and-firewall') . '</p>';
|
||||
?>
|
||||
</div>
|
||||
<div class="postbox aiowps_next_scheduled_scan_wrapper">
|
||||
<div class="schedule">
|
||||
<div class="aiowps_next_scheduled_entity">
|
||||
<div class="aiowps_next_scheduled_heading">
|
||||
<strong><?php echo esc_html__('Next file scan', 'all-in-one-wp-security-and-firewall').':';?></strong>
|
||||
</div>
|
||||
<div id="aiowps-next-files-scan-inner">
|
||||
<?php
|
||||
if (false === $next_fcd_scan_time) {
|
||||
echo '<span>' . esc_html__('Nothing is currently scheduled', 'all-in-one-wp-security-and-firewall') . '</span>';
|
||||
} else {
|
||||
echo '<span class="aiowps_next_scheduled_date_time">' . esc_html($next_fcd_scan_time) . '</span>';
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
<div class="aiowps_next_scheduled_entity">
|
||||
<div class="aiowps_next_scheduled_heading">
|
||||
<strong><?php echo esc_html__('Previous file scan results', 'all-in-one-wp-security-and-firewall').':';?></strong>
|
||||
</div>
|
||||
<div id="aiowps-previous-files-scan-inner">
|
||||
<span>
|
||||
<?php
|
||||
if ($previous_scan) {
|
||||
echo '<a href="#" class="aiowps_view_last_fcd_results">' . esc_html__('View the last file scan results', 'all-in-one-wp-security-and-firewall') . '</a>';
|
||||
} else {
|
||||
esc_html_e('No previous scan results', 'all-in-one-wp-security-and-firewall');
|
||||
}
|
||||
?>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="aiowps_time_now_wrapper">
|
||||
<?php
|
||||
// wp_date() is WP 5.3+, but performs translation into the site locale
|
||||
$current_time = AIOWPSecurity_Utility::convert_timestamp(null, 'D, F j, Y H:i');
|
||||
?>
|
||||
<span class="aiowps_time_now_label"><?php echo esc_html__('Time now', 'all-in-one-wp-security-and-firewall').': ';?></span>
|
||||
<span class="aiowps_time_now"><?php echo esc_html($current_time);?></span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="aiowps_scan_btn_wrapper">
|
||||
<button id="aiowps_manual_fcd_scan" type="button" class="button button-primary button-large button-hero"><?php esc_html_e('Scan now', 'all-in-one-wp-security-and-firewall'); ?></button>
|
||||
<p><?php echo esc_html__('or schedule regular file scans below.', 'all-in-one-wp-security-and-firewall');?></p>
|
||||
</div>
|
||||
<div id="aiowps_activejobs_table">
|
||||
|
||||
</div>
|
||||
<div id="aiowps_previous_scan_wrapper">
|
||||
</div>
|
||||
</div>
|
||||
<div class="postbox">
|
||||
<h3 class="hndle"><label for="title"><?php esc_html_e('File change detection settings', 'all-in-one-wp-security-and-firewall'); ?></label></h3>
|
||||
<div class="inside">
|
||||
<div id="scan-file-change-detection-badge">
|
||||
<?php
|
||||
$aiowps_feature_mgr->output_feature_details_badge('scan-file-change-detection');
|
||||
?>
|
||||
</div>
|
||||
<div id="aios-file-change-info-box"></div>
|
||||
<form action="" method="POST" id="aiowpsec-scheduled-fcd-scan-form">
|
||||
<table class="form-table">
|
||||
<tr valign="top">
|
||||
<th scope="row"><?php esc_html_e('Enable automated file change detection scan', 'all-in-one-wp-security-and-firewall'); ?>:</th>
|
||||
<td>
|
||||
<div class="aiowps_switch_container">
|
||||
<?php AIOWPSecurity_Utility_UI::setting_checkbox(esc_html__('Enable this if you want the system to automatically and periodically scan your files to check for file changes based on the settings below', 'all-in-one-wp-security-and-firewall'), 'aiowps_enable_automated_fcd_scan', '1' == $aiowps_enable_automated_fcd_scan); ?>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr valign="top">
|
||||
<th scope="row"><label for="aiowps_fcd_scan_frequency"><?php esc_html_e('Scan time interval', 'all-in-one-wp-security-and-firewall'); ?>:</label></th>
|
||||
<td><input id="aiowps_fcd_scan_frequency" type="text" size="5" name="aiowps_fcd_scan_frequency" value="<?php echo esc_attr($aiowps_fcd_scan_frequency); ?>" />
|
||||
<select id="backup_interval" name="aiowps_fcd_scan_interval">
|
||||
<option value="0" <?php selected($aiowps_fcd_scan_interval, '0'); ?>><?php esc_html_e('Hours', 'all-in-one-wp-security-and-firewall'); ?></option>
|
||||
<option value="1" <?php selected($aiowps_fcd_scan_interval, '1'); ?>><?php esc_html_e('Days', 'all-in-one-wp-security-and-firewall'); ?></option>
|
||||
<option value="2" <?php selected($aiowps_fcd_scan_interval, '2'); ?>><?php esc_html_e('Weeks', 'all-in-one-wp-security-and-firewall'); ?></option>
|
||||
</select>
|
||||
<span class="description"><?php esc_html_e('Set the value for how often you would like a scan to occur', 'all-in-one-wp-security-and-firewall'); ?></span>
|
||||
</td>
|
||||
</tr>
|
||||
<tr valign="top">
|
||||
<th scope="row"><label for="aiowps_fcd_exclude_filetypes"><?php esc_html_e('File types to ignore', 'all-in-one-wp-security-and-firewall'); ?>:</label></th>
|
||||
<td>
|
||||
<textarea id="aiowps_fcd_exclude_filetypes" name="aiowps_fcd_exclude_filetypes" rows="5" cols="50"><?php echo esc_textarea($aiowps_fcd_exclude_filetypes); ?></textarea>
|
||||
<br>
|
||||
<span class="description"><?php esc_html_e('Enter each file type or extension on a new line which you wish to exclude from the file change detection scan.', 'all-in-one-wp-security-and-firewall'); ?></span>
|
||||
<span class="aiowps_more_info_anchor"><span class="aiowps_more_info_toggle_char">+</span><span class="aiowps_more_info_toggle_text"><?php esc_html_e('More info', 'all-in-one-wp-security-and-firewall'); ?></span></span>
|
||||
<div class="aiowps_more_info_body">
|
||||
<?php
|
||||
echo '<p class="description">' . esc_html__('You can exclude file types from the scan which would not normally pose any security threat if they were changed.', 'all-in-one-wp-security-and-firewall') . ' ' . esc_html__('These can include things such as image files.', 'all-in-one-wp-security-and-firewall') . '</p>';
|
||||
/* translators: 1. JPG, 2. PNG, 3. BMP. */
|
||||
echo '<p class="description">' . sprintf(esc_html__('Example: If you want the scanner to ignore files of type %1$s, %2$s, and %3$s, then you would enter the following:', 'all-in-one-wp-security-and-firewall'), 'jpg', 'png', 'bmp'). '</p>';
|
||||
echo '<p class="description">' . 'jpg' . '</p>';
|
||||
echo '<p class="description">' . 'png' . '</p>';
|
||||
echo '<p class="description">' . 'bmp' . '</p>';
|
||||
?>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr valign="top">
|
||||
<th scope="row"><label for="aiowps_fcd_exclude_files"><?php esc_html_e('Files/Directories to ignore', 'all-in-one-wp-security-and-firewall'); ?>:</label></th>
|
||||
<td>
|
||||
<textarea id="aiowps_fcd_exclude_files" name="aiowps_fcd_exclude_files" rows="5" cols="50"><?php echo esc_textarea($aiowps_fcd_exclude_files); ?></textarea>
|
||||
<br>
|
||||
<span class="description"><?php esc_html_e('Enter each file or directory on a new line which you wish to exclude from the file change detection scan.', 'all-in-one-wp-security-and-firewall'); ?></span>
|
||||
<span class="aiowps_more_info_anchor"><span class="aiowps_more_info_toggle_char">+</span><span class="aiowps_more_info_toggle_text"><?php esc_html_e('More info', 'all-in-one-wp-security-and-firewall'); ?></span></span>
|
||||
<div class="aiowps_more_info_body">
|
||||
<?php
|
||||
echo '<p class="description">' . esc_html__('You can exclude specific files/directories from the scan which would not normally pose any security threat if they were changed.', 'all-in-one-wp-security-and-firewall') . ' ' . esc_html__('These can include things such as log files.', 'all-in-one-wp-security-and-firewall') . '</p>';
|
||||
echo '<p class="description">' . esc_html__('Example: If you want the scanner to ignore certain files in different directories or whole directories, then you would enter the following:', 'all-in-one-wp-security-and-firewall') . '</p>';
|
||||
echo '<p class="description">' . 'cache/config/master.php' . '</p>';
|
||||
echo '<p class="description">' . esc_html__('somedirectory', 'all-in-one-wp-security-and-firewall') . '</p>';
|
||||
?>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<tr valign="top">
|
||||
<th scope="row">
|
||||
<label for="aiowps_fcd_scan_email_address"><?php esc_html_e('Send email when change detected', 'all-in-one-wp-security-and-firewall'); ?>:</label>
|
||||
</th>
|
||||
<td>
|
||||
<div class="aiowps_switch_container">
|
||||
<?php AIOWPSecurity_Utility_UI::setting_checkbox(esc_html__('Enable this if you want the system to email you if a file change was detected', 'all-in-one-wp-security-and-firewall'), 'aiowps_send_fcd_scan_email', '1' == $aiowps_send_fcd_scan_email); ?>
|
||||
</div>
|
||||
<br>
|
||||
<textarea name="aiowps_fcd_scan_email_address" id="aiowps_fcd_scan_email_address" rows="5" cols="50"><?php echo esc_textarea(wp_unslash(AIOWPSecurity_Utility::get_textarea_str_val($aiowps_fcd_scan_email_address))); ?></textarea>
|
||||
<br>
|
||||
<span class="description"><?php esc_html_e('Enter one or more email addresses on a new line.', 'all-in-one-wp-security-and-firewall'); ?></span>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="submit" name="aiowps_schedule_fcd_scan" value="<?php esc_html_e('Save settings', 'all-in-one-wp-security-and-firewall'); ?>" class="button-primary" />
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
Executable
+25
@@ -0,0 +1,25 @@
|
||||
<?php if (!defined('ABSPATH')) die('No direct access.'); ?>
|
||||
<div class="aio_blue_box">
|
||||
<?php
|
||||
echo '<h2>' . esc_html__('What is malware?', 'all-in-one-wp-security-and-firewall').'</h2>';
|
||||
echo '<p>' . esc_html__('The word malware stands for malicious software.', 'all-in-one-wp-security-and-firewall') . ' ' . esc_html__('It can consist of things like trojan horses, adware, worms, spyware and any other undesirable code which a hacker will try to inject into your website.', 'all-in-one-wp-security-and-firewall') . '</p>' .'<p>' . esc_html__('Often when malware code has been inserted into your site you will normally not notice anything out of the ordinary based on appearances, but it can have a dramatic effect on your site\'s search ranking.', 'all-in-one-wp-security-and-firewall') . '</p>' .'<p>' . esc_html__('This is because the bots and spiders from search engines such as Google have the capability to detect malware when they are indexing the pages on your site, and consequently they can blacklist your website which will in turn affect your search rankings.', 'all-in-one-wp-security-and-firewall') . '</p>';
|
||||
|
||||
$site_scanners_link = '<a href="https://teamupdraft.com/all-in-one-security/pricing/?utm_source=aios-plugin&utm_medium=referral&utm_campaign=paac&utm_content=learn-more-malware-scan&utm_creative_format=text" target="_blank">' . esc_html__('here', 'all-in-one-wp-security-and-firewall'). '</a>';
|
||||
|
||||
echo '<h2>' . esc_html__('Scanning for malware', 'all-in-one-wp-security-and-firewall') . '</h2>';
|
||||
echo '<p>' . esc_html__('Due to the constantly changing and complex nature of Malware, scanning for such things using a standalone plugin will not work reliably.', 'all-in-one-wp-security-and-firewall') . ' ' . esc_html__('This is something best done via an external scan of your site regularly.', 'all-in-one-wp-security-and-firewall') . '</p>'.'<p>'.esc_html__('This is why we have created an easy-to-use scanning service which is hosted off our own server which will scan your site for malware weekly and notify you if it finds anything.', 'all-in-one-wp-security-and-firewall').'</p>';
|
||||
echo '<p>' . esc_html__('This service is included with the premium plugin and provides the following:', 'all-in-one-wp-security-and-firewall') . '</p>';
|
||||
echo '<ul class="aiowps_admin_ul_grp1">
|
||||
<li>' . esc_html__('Automatic weekly scans', 'all-in-one-wp-security-and-firewall') . '</li>
|
||||
<li>' . esc_html__('Automatic malware and blacklist monitoring', 'all-in-one-wp-security-and-firewall') . '</li>
|
||||
<li>' . esc_html__('Automatic email alerting', 'all-in-one-wp-security-and-firewall') . '</li>
|
||||
<li>' . esc_html__('Site uptime monitoring', 'all-in-one-wp-security-and-firewall') . '</li>
|
||||
<li>' . esc_html__('Site response time monitoring', 'all-in-one-wp-security-and-firewall') . '</li>
|
||||
<li>' . esc_html__('We provide advice for malware cleanup', 'all-in-one-wp-security-and-firewall') . '</li>
|
||||
<li>' . esc_html__('Blacklist removal', 'all-in-one-wp-security-and-firewall') . '</li>
|
||||
<li>' . esc_html__('No contract (cancel anytime)', 'all-in-one-wp-security-and-firewall') . '</li>
|
||||
</ul>';
|
||||
/* translators: %s: Scanner URL. */
|
||||
echo '<p>' . sprintf(esc_html__('Learn more %s.', 'all-in-one-wp-security-and-firewall'), $site_scanners_link) . '</p>'; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- variable already escaped.
|
||||
?>
|
||||
</div>
|
||||
Executable
+42
@@ -0,0 +1,42 @@
|
||||
<?php if (!defined('ABSPATH')) die('No direct access.'); ?>
|
||||
<div>
|
||||
<h3 class="hndle"><label for="title"><?php esc_html_e('Latest file change scan results', 'all-in-one-wp-security-and-firewall'); ?></label></h3>
|
||||
<div class="inside">
|
||||
<?php
|
||||
$last_scan_results = $fcd_data['last_scan_result'];
|
||||
$file_change_types = array(
|
||||
'files_added' => esc_html__('The following files were added to your website.', 'all-in-one-wp-security-and-firewall'),
|
||||
'files_removed' => esc_html__('The following files were removed from your website.', 'all-in-one-wp-security-and-firewall'),
|
||||
'files_changed' => esc_html__('The following files were changed on your website.', 'all-in-one-wp-security-and-firewall')
|
||||
);
|
||||
|
||||
foreach ($file_change_types as $type => $description) {
|
||||
if (empty($last_scan_results[$type])) continue;
|
||||
echo '<div class="aio_info_with_icon aio_spacer_10_tb">' . esc_html($description) . '</div>';
|
||||
$output = '<div class="aiowps_table_container">';
|
||||
$output .= '<table class="widefat aiowps_scan_result_table">';
|
||||
$output .= '<thead class="aiowps_scan_result_table_header">';
|
||||
$output .= '<tr>';
|
||||
$output .= '<th>' . esc_html__('File', 'all-in-one-wp-security-and-firewall') . '</th>';
|
||||
$output .= '<th>' . esc_html__('File size', 'all-in-one-wp-security-and-firewall') . '</th>';
|
||||
$output .= '<th>' . esc_html__('File modified', 'all-in-one-wp-security-and-firewall') . '</th>';
|
||||
$output .= '</tr>';
|
||||
$output .= '</thead>';
|
||||
foreach ($last_scan_results[$type] as $key => $value) {
|
||||
$output .= '<tr>';
|
||||
$output .= '<td>' . esc_html($key) . '</td>';
|
||||
$file_size = AIOWPSecurity_Utility::convert_numeric_size_to_text($value['filesize']);
|
||||
$output .= '<td>' . esc_html($file_size) . '</td>';
|
||||
$last_modified = AIOWPSecurity_Utility::convert_timestamp($value['last_modified']);
|
||||
$output .= '<td>' . esc_html($last_modified) . '</td>';
|
||||
$output .= '</tr>';
|
||||
}
|
||||
$output .= '</table>';
|
||||
$output .= '</div>';
|
||||
// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- Variables escaped early inside HTML.
|
||||
echo $output;
|
||||
echo '<div class="aio_spacer_15"></div>';
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
Reference in New Issue
Block a user